package com.dongdongshop.shiro;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {

    /*
    * 创建ShiroFilterFactoryBean
    * */
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Autowired DefaultWebSecurityManager defaultWebSecurityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        // 设置安全管理器
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);
        // 添加Shiro内置过滤器
        /*
        * Shiro内置过滤器,可以实现权限相关的拦截器
        *   常用的过滤器
        *       anon:无需认证（登录）可以访问
        *       authc:必须认证才可以访问
        *       user:如果使用rememberMe的功能可以直接访问
        *       perms:该资源必须得到资源权限才可以访问
        *       role:该资源必须得到角色权限才可以访问
        * */
        Map<String,String> filterMap = new LinkedHashMap<String,String>();

//        filterMap.put("/static/**","anon");// key是路径，value是过滤器
//        filterMap.put("/logenController/**","anon");
//        filterMap.put("//user/**","anon");
        // 设置方法必须有权限才能操作
//        filterMap.put("/tRoleController/list","perms[role:list]");
//        filterMap.put("/menuController/listGet","perms[menu:list]");
//        filterMap.put("/xxxx","perms[add:add]");
//        filterMap.put("/xx","perms[delete:delete]");
        // 设置退出登录
//        filterMap.put("/authc/logout","logout");
//        filterMap.put("/**","authc");

        // 修改调整的登录页面
//        shiroFilterFactoryBean.setLoginUrl("/logenController/shoplogin");
//        // 设置无法访问页面
//        shiroFilterFactoryBean.setUnauthorizedUrl("/logenController/wufafangwen");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);

        return shiroFilterFactoryBean;
    }

    /*
    * 创建DefaultWebSecurityManager
    * */
    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Autowired Realm realm){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        // 关联realm
        securityManager.setRealm(realm);
        return securityManager;
    }

    /*
    * 创建Realm
    * */
    @Bean
    public Realm getRealm(@Autowired HashedCredentialsMatcher hashedCredentialsMatcher){
        Realm realm = new Realm();
        // 设置加密
        realm.setCredentialsMatcher(hashedCredentialsMatcher);
        return realm;
    }

    // 设置密码加密
    @Bean
    public HashedCredentialsMatcher getHashedCredentialsMatcher(){
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        // 1 指定加密方式
        hashedCredentialsMatcher.setHashAlgorithmName("MD5");
        // 2 指定加密次数
        hashedCredentialsMatcher.setHashIterations(10);
        // 开启Hex编码方式
        hashedCredentialsMatcher.setStoredCredentialsHexEncoded(true);
        return hashedCredentialsMatcher;
    }

    @Bean
    public ShiroDialect getShiroDialect(){
        return new ShiroDialect();
    }
}
